This release includes a critical update that affects users who
access Lightning Experience or Salesforce1 from IE11. Additionally, if you
use Lightning components, Visualforce, flows, or approvals, it
includes critical updates that probably affect your customizations.

To ensure a smooth transition, each critical update has an opt-in period, which ends on the
auto-activation date that’s displayed on the Critical Updates page in Setup. During this
period, you can manually activate and deactivate the update as often as you need to evaluate
the impact on your organization and modify affected customizations. After the opt-in period
has passed, the update is automatically activated. For more details, see Critical Updates.

LockerService is a powerful new security architecture for Lightning components that is a critical
update for this release. LockerService enhances security by isolating individual Lightning components in their own
containers. LockerService also promotes best practices that improve the supportability of your
code by only allowing access to supported APIs and eliminating access to non-published
framework internals.

This critical update enables LockerService security for Lightning
components in Communities only. It’s separate from the general LockerService critical update,
which activates the LockerService security enforcements throughout your Salesforce org, but
not in Communities.

This critical update enforces access check violations for Lightning resources. Previously, the
access violations only generated warnings. Improved access check enforcement enables component
authors to have greater control over how their components are used.

In Summer ’15, we changed the
behavior of the getContent() and getContentAsPDF() methods of the PageReference object. This change was released as a critical
update named “PageReference getContent() and
getContentAsPDF() Methods Behave as Callouts” and was scheduled for auto-activation in
Summer ’16. The auto-activation date has been postponed until Winter ’17.

When records are submitted for approval, Salesforce automatically makes sure that
the record meets the entry criteria for the approval process. This critical update does the same
for the submitting user when records are submitted behind the scenes by making sure that user is
an allowed submitter.